path: root/iptables/xshared.h
xshared: Share a common add_command() implementation
The shared definition of cmdflags is a super set of the previous one in xtables-arp.c so while not being identical, they're compatible. Avoid accidental array overstep in cmd2char() by incrementing an index variable and checking its final value before using it as such. Signed-off-by: Phil Sutter <> Acked-by: Pablo Neira Ayuso <>
diff --git a/iptables/xshared.h b/iptables/xshared.h
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -183,4 +183,8 @@ void command_match(struct iptables_command_state *cs);
const char *xt_parse_target(const char *targetname);
void command_jump(struct iptables_command_state *cs, const char *jumpto);
+char cmd2char(int option);
+void add_command(unsigned int *cmd, const int newcmd,
+ const int othercmds, int invert);